1-888-PIVOT-POINT | 1-888-748-6876
turn
Select Page
GDPR & Privacy Shield - What They Mean for Your Business

Database Penetration Test

 

Database Penetration Testing

Database Vulnerability Assessments are integral to a systematic and proactive approach to database security. This form of penetration testing reduces the risk associated with both web- and database-specific attacks, and is often required for compliance with relevant standards, laws & regulations.

Methodology typically includes:

  • Leveraging an open-source or commercial database vulnerability assessment tool to discover known database security vulnerabilities; and,
  • Formal reporting on the process, gap analysis, relevant findings, and mitigation roadmap. Where possible the report will also include; root cause analysis, peer-group benchmarking, good practice benchmarking, executive summaries, and technical summaries.

The predominant benefits realized by a Database Vulnerability Assessment:

  • Quickly identify configuration errors, default settings, coding errors, and patch management issues in an automated manner in an economical fashion;
  • Capable of being run on automated, regular basis to provide baseline and ongoing vulnerability management metrics; and,
  • Can be used to focus other database assessment activities on those areas of greatest concern.

Database Vulnerability Assessments are best used:

  • As a quick and inexpensive means of assessing the risk associated with a database that is in operation but has not (recently) gone through a broader database security assessment;
  • As part of an ongoing vulnerability/configuration management program, especially in support of demonstration of ongoing compliance with relevant standards/regulations;
  • To assess less critical databases (i.e., databases with a moderate risk profile where the risk does not justify greater extent and rigor; and,
  • As an information gathering mechanism to focus penetration testing or code reviews.

Contact an Expert

Because Database Vulnerability Assessments are fully “tool-based,” manual review of the findings by someone well versed in database security is usually necessary to optimally leverage the output. Contact Pivot Point to learn how our experts can help secure your company’s data.

 

Contact A Penetration Testing Expert